Beginner Here I have Questions 🤔

Hello im new to parrot security and i am a beginner, I have installed Parrot in Vm yesterday and have some questions to be answered if anyone can answer :blush:

  1. Do i watch out for harmful scripts from github or is there anything to be cautious about when grabbing fron github?

  2. When i turn on AnonSurf does it actually make me safe to do anything in parrot with Vm?

  3. Do i need extra security before doing anything or is AnonSurf enough to keep me hidden?

  4. As a beginner what do you recommend me to try out first to get used to and to learn more experience using Parrot.

Thank you for anybody that answers once again i greatly appreciate it! :smile:

  1. Our firefox has scripts that can protect you. In theory, you are safe (ofc there is nothing 100% safe)
  2. Anonsurf forwards your all traffic through tor network. You are anonymous on internet.
  3. Yes. An encrypted protocol is needed. Be careful about tracking cookies, malwares and exploits.
  4. You can use anything. The point is: what would you learn from it.
1 Like

Damn a dev answered me thats awesome. And whats this encrypted protocol i need for extra security?

I guess you are regular (i meant you have not much experience about security and system and stuff) user so I’ll make it simple.
For example, you are browsing with your firefox, it means you are accessing HTTP protocol.
The problem is HTTP protocol is unencrypted so attacker can get all data of yours.
So, security researchers wanted to make everything be secure. They made SSL to encrypt your traffic (It is called TLS in latest version). Your connection is safe with encrypted HTTP using TLS (there are websites still use SSL). This protocol is called HTTPS. If you look at the picture, you will see the green lock icon. It means our forum is using HTTPS and it has a verified CERT.
Screenshot%20at%202019-07-05%2015-55-23

There are encrypted services like: SSH, SFTP, … I believe you can read more about this section on wiki.
There are more and more about safe connection and encryption like PGP, E2E encryption, …

I think connection with strong algth encryption is the best answer.

1 Like

Learn about firejail and how to use it instead of bypass it (firejail.wordpress.com) and utilize sandboxing and the correct usage of tor and or proxies and or private vpns in the best possible practices. DM is a fantastic source of information and is on point with the algorithms as one of your most important assets in your goals outlined in this post

5 Likes

Ohhh ok now i know what your trying to say. I know about the http https thing especially when it comes to inputting your login details on websites that don’t have https for security. (Also saw a video on how people can gain another ones information within a network if the person is using http and if there was a security camera using http that u can sniff it from its network and grab the png file to look at what they are seeing on that camera using http. But overall now i get what your trying to say :slight_smile: id appreciate you answering my question! And yes im kind of a regular i used to code in c# but not anymore (i was a ps3 kid that made modding tools) so i do know basics but i am new to trying out parrot in vm (as i never did such thing before so i got curious and wanted to learn) I was going to go with kali but then heard about parrot when doing research about linux (by the way amazing and best lookin linux i ever seen then kali and surprising that it runs so smooth with 2 gb of space given)

1 Like

Thank you for pointing me to a path i can look into :blush:

If you want to get into cyber security than this might help.

1 Like

I’ll look into it thank you! :smiley:

Hello im glad that u chose parrot sec os
1-there is no harmful script in github
2-anonysirf changes ur ip but not ur dns (127.0.0.1)
3-no
4-start with some basic wireles hacking using aircrack-ng suit and some mimt attacks

Hi There Junez!
I am really happy to see you! Parrot is one of my favorite Linux operating system and I have hopes that you will love it, too!

To cover up your question:

Ans: GitHub is an open source code hosting platform. So there’s literally nothing harmful as long as you can understand the code of programs that you grab from GitHub (although its always recommended to compile everything yourself, but there is nothing suspicious about release versions of programs hosted on GitHub).

AnonSurf is really safe but if you still fear of getting traced, I recommend setting up a VPN as well as proxy chains. Or simply use TOR network.

Depends on what you are up to!

Hmm, well. Try to learn the Linux operating system itself first and customize it. Then, I’d recommend to try some backdoors, sniffing and spoofing over your own local network using wireshark, Ettercap and other command line tools, and play around with wireless networks using aircrack-ng set (this is my favorite part, btw).

Extra Suggestion:
Install Parrot OS in a USB Stick or set up persistence so that you can carry your setup in your pocket.

Cheers!

1 Like

I offer some tutorials for those starting out at http://www.majikcat.com
This is not an official Parrot Security tutorial channel or site or anything it is just something I do on my own.

Welcome to Parrot Security you will love this distro. Lot’s of friendly, helpful folks here just always remember people are quicker to help those help themselves. So, basically do research first, at least try a few things, then ask any questions you need but be specific and detailed and you will never be disappointed with the quality of the answers you get.

Enjoy your journey! =)

1 Like

Thank you ill check your site out :slight_smile:

1 Like

On Firefox, a good setup for day to day is the base extensions they have with it:. Ublock origin, privacy badger, noscript. I would add wot and https everywhere. It rounds out Firefox for day to day.

I tried Kali and didn’t like it, thought it was clunky; and feel it is designed to monitor like windows. I came from arch linux, and recommend it to learn linux system; everything is done the manual way, and you really learn linux. Arch repository is broken down and stuff I needed made me abandon it . Parrot gui is sweet.

If your working the bis it should be ok, I’m just starting to learn; attending school, with parrot being my work horse. I run suricata set up in IPS mode as daemon, and will turn it off when I need to have an unhampered system; don’t recommend installing unless you need heavy defenses. I had issues with someone messing with me, and I’m using suricata for now.

1 Like

Is there a tutorial to using suricata

Honestly I am surprised about the fact you thought Kali was clunky yet you prefer Arch. I would NEVER recommend Arch to a beginner, they would just get frustrated very easily. Honestly for those starting out I recommend OpenSuSE because it makes it easy to move from Winblows to LINUX. However, if you are wanting to learn cyber security, and/or just use a secure system then I recommend Parrot Security OS.

If we are talking areas of security look into snort, snarf, firejail, and a good VPN like NordVPN which is very linux friendly and easy to use.

1 Like

I prefer arch if you really want to learn how to do linux, once you figure out how to do things; it is ok. I wasnt referencing for a transfer new coming from windows, though that is what I did. Lol Just saying if you want to do things for yourself, and not depend on automation. Plus when automation breaks, old school will work. I’m having problem cause parrot is somewhat automated. Lol… I do love parrot, but also appreciate arch if you really want to learn; and arch wiki pages are awesome for information on linux.

1 Like